Both fail to build on aarch64-darwin with the current nixpkgs pin
(cctools ld crashes with 'Trace/BPT trap: 5'): gurk-rs directly, and
vfkit as a colima dependency. Stub them on darwin test runs.
Move public option declarations and file-entry helpers into dedicated files while keeping module assembly in default.nix. Update the AI labeler for the new module directory.
Persist managed plugins in Claude Code's personal skills directory so strict-parser subcommands do not receive injected --plugin-dir arguments. Retain version-gated legacy behavior for older and unversioned packages.
When an agent's launchd.agents.<name>.domain is changed from gui to
user (or the agent is newly installed on a headless macOS system
where the gui/<UID> domain never existed), bootoutAgent attempts to
unload the agent from the old domain first. On such systems, this
fails with: Boot-out failed: 125: Domain does not support specified
action.
The bootoutAgent function only treated "No such process" as a
non-fatal condition (return 2). This change adds the domain-not-exist
error to the same handling path: the agent wasn't running in a domain
that doesn't exist, so we can safely skip the boot-out and proceed
with bootstrap into the new domain.
Follow up on home-cursor: remove legacy enable by preserving the implicit enable path that was not covered by the earlier deprecation warning.
Configurations that set home.pointerCursor without top-level enable now continue to work and emit a warning asking users to set home.pointerCursor.enable explicitly.
yubikey-agent triggers OS-level CCID/PIV PIN entry dialogs when SSH
authentication is requested. These system security prompts require
access to the macOS Aqua session (window server). Running in the user
domain (LimitLoadToSessionType=Background) blocks these prompts,
causing authentication to fail or hang.
Revert to the default gui domain so PIN prompts can render in the
graphical login session.
gpg-agent is commonly configured with graphical pinentry programs
(pinentry-mac, pinentry-gnome3) on macOS that need access to the Aqua
session to display passphrase prompts. Running in the user domain
(LimitLoadToSessionType=Background) prevents these prompts from
rendering, causing passphrase entry to fail silently or hang.
Revert to the default gui domain so the agent runs in the graphical
login session where pinentry can interact with the window server.
Fixes the following accessing issue:
```
Error accessing credential on keyring: PlatformFailure(Error { code: -25308, message: "User interaction is not allowed." })
```
Added a new config option programs.firefox.profiles.<name>.storeId.
Setting this option now writes the StoreID both to the profiles.ini
and to the settings."toolkit.profiles.storeID" of the profile.
Firefox has two different profile implementations;
- the old one that home-manager module can declare
- the new "Selectable Profile Service" introduced in 150
The new profiles are managed in a runtime db, and reads from profiles.ini
Migration without database operations is not possible right now,
but when it becomes available, this option will stop home-manager from
clobbering the linked storeIDs.
Don’t append `--color=always` and `--sort-paths` unconditionally, since
`difftastic` doesn’t like repeated arguments, and the user might have
already set them (via `config.programs.difftastic.options`).
To clarify, if `difft` gets called with any parameter repeated, it will
croak:
difft --color=always --color=always
error: the argument '--color <WHEN>' cannot be used multiple times
Usage: difft [OPTIONS] OLD-PATH NEW-PATH
For more information, try '--help'.
By patching `cfg.options` we ensure that the parameters are defined, and
have the required value, since the user might have selected differently
for their general setup (again, via `config.programs.difftastic.options`).
The previous test would pass no matter what the `ignoreString` was. I
don't know enough Bash/Grep to explain it, but it was easy to test by
just changing the pattern to have `WRONG` instead of `val1`, and that
would still pass the `assertFileContains` test.
I've hopefully fixed it now, by using `lib.escapeShellArg` before
passing it to `assertFileContains`, and I've also added a negative test
case, to ensure that a bad ignore string is _not_ found in the merge
script.
Taken from this nixpkgs commit by @zorrobert:
7a223b2685
Syncthing shared folders can be configured to ignore paths. These
changes add support for this functionality.
Co-authored-by: zorrobert <118135271+zorrobert@users.noreply.github.com>
Detect active fzf and history-manager Ctrl-R bindings by their configured values, warn with the winning precedence, and let the normal binding options silence the warning.
Pure Nushell sessions do not source hm-session-vars, so feed the same FZF_* values through programs.nushell.environmentVariables before sourcing fzf integration.
Move widget settings under nested option groups while preserving behavior through rename aliases, and centralize FZF environment variable rendering for later reuse.
fzf 0.48.0 embeds shell integration scripts, so keep only the supported fzf --bash, --zsh, and --fish paths and assert that integrations use a new enough package.
Source the Nushell integration at order 2000 so fzf can keep chaining carapace at mkAfter while Atuin still wins Ctrl-R like it does in other shells.
Users who used programs.nushell.extraConfig = lib.mkAfter ... to beat Atuin now need lib.mkOrder 2001 or later.
User-domain agents need the Background session type to bootstrap into user/501, and activation should fail rather than silently unloading services when launchctl bootstrap fails.
Adding option `systemdTarget` to hyprpaper to match other
wayland/hyprland modules. This allows easy fixup of startup dependencies
for the service, depending on system.